Yehuda Gelb in Checkmarx Zero, Aug 1: StackExchange Abused to Spread Malicious Python Package, Drains Victims' Crypto Wallets. A malicious campaign involving several Python packages, most notably the "spl-types" Python package, began on June 25th with the upload of…

Yehuda Gelb in Checkmarx Zero, Aug 29: Year-Long Campaign of Malicious npm Packages Targeting Roblox Users. For over a year, a persistent malware campaign has been targeting Roblox developers through malicious npm packages. By mimicking the…

Yehuda Gelb in Checkmarx Zero, Aug 23: July 2024 in Software Supply Chain Security. In July 2024, the software supply chain security landscape faced unprecedented challenges, marked by sophisticated attacks from…

Yehuda Gelb in Checkmarx Zero, Aug 7: A Year-Long Campaign of North Korean Actors Targeting Developers via Malicious npm Packages. July 2024 saw a surge in reports from multiple security firms detailing North Korean threat actors targeting developers through malicious…

Yehuda Gelb in Checkmarx Zero, Jul 26: Malicious Python Package Targets macOS Developers to Access Their GCP Accounts. In a recent investigation, we discovered that the Python package "lr-utils-lib" contained hidden malicious code. The code, activated upon…

Yehuda Gelb in Checkmarx Zero, Jul 15: Tip of the Iceberg: Malicious Python Packages Reveal Extensive Cybercriminal Operation Based in… Recently, a series of malicious Python packages surfaced on PyPI, uploaded by a user named "dsfsdfds". These packages contained a malicious…

Yehuda Gelb in Checkmarx Zero, Jun 27: Alert: CDN Service "polyfill.io". It's not uncommon for things like domains and open-source projects to change hands. While many such transitions occur without incident, the…

Yehuda Gelb in Checkmarx Zero, Jun 13: A New North Korean Group Emerges, Disrupting the Open Source Ecosystem. In December 2023, we reported on how North Korean threat actors, particularly Jade Sleet, have been compromising supply chains through the…

Yehuda Gelb in Checkmarx Zero, May 9: Instant Breach: Malicious Package Compromise, Victim vs. Attacker's POV. Open-source packages are an indispensable tool for developers. However, the convenience they offer comes with a significant risk: the…

Yehuda Gelb in Checkmarx Zero, Apr 10: New Technique to Trick Developers Detected in an Open-Source Supply Chain Attack. In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub's search functionality and using meticulously…